Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/VpDwwxR9jqBWdASNkKiBBt5GiB4.roa
File: VpDwwxR9jqBWdASNkKiBBt5GiB4.roa (raw, json)
Hash identifier: itY5yvPYDB5628PjT5F/FhLXkb6QMurioRk20k1SZe4=
Subject key identifier: 56:90:F0:C3:14:7D:8E:A0:56:74:04:8D:90:A8:81:06:DE:46:88:1E
Certificate issuer: /CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Certificate serial: 01856F5DDDE0E59099E4DA451756AE72C8CA
Authority key identifier: E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/VpDwwxR9jqBWdASNkKiBBt5GiB4.roa
Signing time: Sun 01 Jan 2023 22:05:00 +0000
ROA not before: Sun 01 Jan 2023 22:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48473
IP address blocks: 85.248.152.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:dd:e0:e5:90:99:e4:da:45:17:56:ae:72:c8:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Validity
Not Before: Jan 1 22:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5690f0c3147d8ea05674048d90a88106de46881e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:cd:91:ed:db:7e:48:97:0b:8d:84:2f:4e:fa:
6a:c1:20:87:33:e9:d2:ae:4a:09:7b:ac:3d:ee:6a:
34:bb:be:ea:f5:2e:09:6b:dd:d6:d6:2b:ff:c3:78:
68:ee:ed:16:68:89:aa:ed:9b:14:d9:a0:1d:ad:06:
1a:aa:d9:4d:cc:be:04:aa:3d:6a:be:43:31:ed:1e:
9a:33:88:f7:35:b2:cc:07:4c:d9:60:05:3d:d9:60:
66:c6:f9:41:63:69:fe:c7:02:a9:5b:8a:c3:3f:5a:
9e:ef:34:aa:cc:bc:34:e9:50:08:ed:c2:5e:79:47:
9e:01:b1:b4:ec:16:45:5e:37:e7:1a:39:bd:ef:b8:
ce:99:a5:74:09:fb:cb:2f:51:d9:e0:1e:19:1b:7c:
43:54:3c:c5:48:9d:6f:21:b4:f8:ca:39:74:7c:ab:
d2:f8:98:b8:82:0e:81:00:de:75:31:0b:f7:92:33:
b6:82:9d:60:f9:5d:f2:62:ae:22:bd:da:c1:01:26:
1d:d2:23:eb:3e:67:0a:15:50:b0:25:be:29:76:58:
a8:ba:e0:db:77:34:ea:dd:9a:8b:7c:97:3b:bd:09:
76:a1:ff:f0:26:bf:12:cb:f7:6f:af:75:c4:c7:c7:
0e:0a:94:43:00:4f:f4:25:4e:ac:44:4c:cd:ca:04:
3e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:90:F0:C3:14:7D:8E:A0:56:74:04:8D:90:A8:81:06:DE:46:88:1E
X509v3 Authority Key Identifier:
keyid:E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/VpDwwxR9jqBWdASNkKiBBt5GiB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.248.152.0/22
Signature Algorithm: sha256WithRSAEncryption
57:1d:5e:de:06:44:1f:fd:e6:b9:c3:bb:b7:2e:61:43:66:b9:
9c:d1:e9:15:a4:76:10:7a:8a:98:67:81:51:ad:0e:62:12:88:
7b:f1:ef:ed:97:7e:a7:35:ad:16:88:a5:fd:6a:64:ac:c7:25:
ff:d0:fa:8f:f7:7e:d1:8b:92:7b:b1:c0:92:32:80:09:f6:8d:
a0:49:45:04:a0:a0:f0:83:4a:5f:ab:61:31:ee:d0:f4:c4:dd:
18:b3:3e:2b:b9:86:e0:28:13:e9:26:a8:2d:0d:95:8e:64:29:
bf:4d:ca:48:02:ba:1d:92:2f:5f:b5:bd:b3:bc:28:49:d9:93:
b2:35:56:49:18:58:ac:a2:34:82:46:64:5c:d6:07:58:47:20:
1b:89:59:b9:c8:6b:00:50:5f:10:48:b6:cb:97:bc:61:b5:b2:
bb:85:75:5e:29:2b:c4:d5:ce:50:f7:a9:b4:a4:5f:cc:5b:90:
8d:71:65:02:5c:bc:a7:80:29:20:6c:47:77:e5:b7:dc:bf:55:
ee:f6:45:c2:87:33:bc:e5:d5:e1:02:6a:9e:3a:e3:c0:b3:1f:
75:cb:ea:43:91:90:f2:83:ea:47:63:df:ab:e5:52:c5:ac:73:
d4:ea:1c:e9:5e:ab:e5:94:c0:ce:28:ad:ea:d7:e7:16:0c:3a:
95:df:5a:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXd3g5ZCZ5NpFF1aucsjKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Zjg4MTQwMWFiYWNjODhjOTQxZmRmNzQwZjFhYjE1MzZm
MDVkYmEwHhcNMjMwMTAxMjIwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjkwZjBjMzE0N2Q4ZWEwNTY3NDA0OGQ5MGE4ODEwNmRlNDY4ODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1M2R7dt+SJcLjYQvTvpqwSCHM+nS
rkoJe6w97mo0u77q9S4Ja93W1iv/w3ho7u0WaImq7ZsU2aAdrQYaqtlNzL4Eqj1q
vkMx7R6aM4j3NbLMB0zZYAU92WBmxvlBY2n+xwKpW4rDP1qe7zSqzLw06VAI7cJe
eUeeAbG07BZFXjfnGjm977jOmaV0CfvLL1HZ4B4ZG3xDVDzFSJ1vIbT4yjl0fKvS
+Ji4gg6BAN51MQv3kjO2gp1g+V3yYq4ivdrBASYd0iPrPmcKFVCwJb4pdliouuDb
dzTq3ZqLfJc7vQl2of/wJr8Sy/dvr3XEx8cOCpRDAE/0JU6sREzNygQ+AwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFaQ8MMUfY6gVnQEjZCogQbeRogeMB8GA1UdIwQY
MBaAFOf4gUAausyIyUH990DxqxU28F26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmIt
ZTJmYmMzYTY4ODAwLzEvVnBEd3d4UjlqcUJXZEFTTmtLaUJCdDVHaUI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmItZTJmYmMzYTY4ODAw
LzEvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVfiYMA0G
CSqGSIb3DQEBCwUAA4IBAQBXHV7eBkQf/ea5w7u3LmFDZrmc0ekVpHYQeoqYZ4FR
rQ5iEoh78e/tl36nNa0WiKX9amSsxyX/0PqP937Ri5J7scCSMoAJ9o2gSUUEoKDw
g0pfq2Ex7tD0xN0Ysz4ruYbgKBPpJqgtDZWOZCm/TcpIArodki9ftb2zvChJ2ZOy
NVZJGFisojSCRmRc1gdYRyAbiVm5yGsAUF8QSLbLl7xhtbK7hXVeKSvE1c5Q96m0
pF/MW5CNcWUCXLyngCkgbEd35bfcv1Xu9kXChzO85dXhAmqeOuPAsx91y+pDkZDy
g+pHY9+r5VLFrHPU6hzpXqvllMDOKK3q1+cWDDqV31ql
-----END CERTIFICATE-----
Generated at Sun May 11 11:19:46 2025 by rpki-client